Ga naar inhoud

R.Scheijen

Lid
  • Items

    13
  • Registratiedatum

  • Laatst bezocht

Alles dat geplaatst werd door R.Scheijen

  1. Nou tot nu toe heb ik er geen problemen mee gehad! Ook een leuke bijkomstigheid is dat Kapersky weer dingen laat zien dat hij actief is.. zoals meldingen of dingen die je opent schadelijk zijn en of deze vertrouwd moeten worden. Ook de updates van Kapersky gaan veel sneller, en tijdens de updates kan ik ook gewoon weer andere dingen doen. Heel erg bedankt allemaal! Jullie hebben hier een blij persoon zitten, die jullie erg dankbaar is! Bedankt dat jullie mij geholpen hebben!
  2. Bij deze.. ComboFix 10-11-12.06 - Ruud Scheijen 14-11-2010 12:26:58.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1014.636 [GMT 1:00] Gestart vanuit: c:\documents and settings\Ruud Scheijen\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Ruud Scheijen\Bureaublad\CFScript.txt AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0} FILE :: "c:\windows\system32\drivers\727fe9c8.sys" "c:\windows\system32\drivers\ajhwxxwm.sys" "c:\windows\system32\drivers\fjuacmv.sys" "c:\windows\system32\drivers\hitmanpro3.sys" . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_HITMANPRO3 -------\Service_727fe9c8 -------\Service_ajhwxxwm -------\Service_hitmanpro3 -------\Service_kyqugm (((((((((((((((((((( Bestanden Gemaakt van 2010-10-14 to 2010-11-14 )))))))))))))))))))))))))))))) . 2010-11-14 06:59 . 2010-11-14 07:10 -------- d-----w- c:\documents and settings\Ruud Scheijen\Application Data\Mijn The Lord of the Rings, The Rise of the Witch-king-bestanden 2010-11-13 23:06 . 2010-11-13 23:47 -------- d-----w- c:\program files\Electronic Arts 2010-11-07 11:08 . 2010-11-07 11:08 -------- d-----w- C:\Restoration 2010-11-04 14:13 . 2010-04-28 06:44 54760 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys 2010-11-04 14:11 . 2010-11-04 14:11 -------- d-----w- c:\program files\Microsoft Sync Framework 2010-11-04 14:07 . 2010-11-04 14:07 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2010-11-04 14:02 . 2010-11-04 14:02 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-11-04 14:00 . 2010-11-04 14:13 -------- d-----w- c:\program files\Windows Live 2010-11-03 09:37 . 2010-11-03 09:37 3584 ----a-r- c:\documents and settings\Ruud Scheijen\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe 2010-11-03 09:37 . 2010-11-03 09:37 -------- d-----w- c:\program files\Windows Installer Clean Up 2010-11-01 14:45 . 2010-11-01 14:46 -------- d-----w- c:\program files\Speccy 2010-10-27 21:24 . 2010-09-06 09:26 189520 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2010-10-25 12:11 . 2010-11-14 11:15 -------- d--h--r- c:\documents and settings\Ruud Scheijen\Onlangs geopend . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-10 09:19 . 2010-08-15 15:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-11-10 09:19 . 2010-08-15 15:22 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-10-19 20:51 . 2009-10-03 06:41 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-09-18 10:23 . 2004-09-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll 2010-09-18 06:53 . 2004-09-02 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll 2010-09-18 06:53 . 2004-09-02 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll 2010-09-18 06:53 . 2004-09-02 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll 2010-09-10 05:52 . 2006-03-04 03:35 916480 ----a-w- c:\windows\system32\wininet.dll 2010-09-10 05:52 . 2004-09-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-09-10 05:52 . 2004-09-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-09-01 11:52 . 2004-09-02 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll 2010-09-01 07:57 . 2010-08-09 09:06 1852928 ----a-w- c:\windows\system32\win32k.sys 2010-08-27 08:03 . 2004-09-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll 2010-08-27 05:55 . 2010-08-09 09:06 99840 ----a-w- c:\windows\system32\srvsvc.dll 2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll 2010-08-26 13:39 . 2010-08-09 09:06 357248 ----a-w- c:\windows\system32\drivers\srv.sys 2010-08-23 16:13 . 2010-08-09 09:06 617472 ----a-w- c:\windows\system32\comctl32.dll 2010-08-17 13:17 . 2004-09-02 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-13 323392] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "Google Update"="c:\documents and settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-03-18 136176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392] "DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2010-08-18 340520] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-09-02 44544] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office 2002 XP\Office10\OSA.EXE [2001-2-13 83360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Windows Search.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Windows Search.lnk backup=c:\windows\pss\Windows Search.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^Ruud Scheijen^Menu Start^Programma's^Opstarten^OpenOffice.org 3.2 .lnk] path=c:\documents and settings\Ruud Scheijen\Menu Start\Programma's\Opstarten\OpenOffice.org 3.2 .lnk backup=c:\windows\pss\OpenOffice.org 3.2 .lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-08-20 19:45 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-09-24 00:10 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-09-08 09:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TMRUBottedTray] 2008-11-06 09:33 288088 ----a-w- c:\program files\Trend Micro\RUBotted\TMRUBottedTray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "MSK80Service"=2 (0x2) "mfevtp"=2 (0x2) "mfefire"=2 (0x2) "McShield"=2 (0x2) "McProxy"=2 (0x2) "McODS"=3 (0x3) "McNASvc"=2 (0x2) "McNaiAnn"=2 (0x2) "mcmscsvc"=2 (0x2) "McAfee SiteAdvisor Service"=2 (0x2) "McrdSvc"=2 (0x2) "McMPFSvc"=2 (0x2) "iPod Service"=3 (0x3) "gupdate"=2 (0x2) "ehSched"=2 (0x2) "ehRecvr"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\DNA\\btdna.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Electronic Arts\\The Rise of the Witch-king\\game.dat"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [14-10-2009 19:18 36880] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15-7-2008 19:03 691696] R2 RUBotted;Trend Micro RUBotted Service;c:\program files\Trend Micro\RUBotted\TMRUBotted.exe [3-9-2010 12:02 582992] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2-10-2009 17:39 19472] R3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\TMPassthru.sys [3-9-2010 12:02 206608] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 12:16 130384] S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14-9-2009 12:42 32272] S3 TMPassthru;Trend Micro Passthru Ndis Service;c:\windows\system32\drivers\TMPassthru.sys [3-9-2010 12:02 206608] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2-9-2004 13:00 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 12:16 753504] S4 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29-12-2009 21:29 133104] S4 McMPFSvc;McAfee Personal Firewall;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc --> c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [?] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WINRM REG_MULTI_SZ WINRM . Inhoud van de 'Gedeelde Taken' map 2010-10-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 20:29] 2010-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 20:29] 2010-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3556961487-2084710088-1128744442-1005Core.job - c:\documents and settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-09 06:43] 2010-11-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3556961487-2084710088-1128744442-1005UA.job - c:\documents and settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-09 06:43] 2010-11-14 c:\windows\Tasks\User_Feed_Synchronization-{6B52D93B-5281-4442-82A5-3A53269E1FBF}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 03:31] . . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MIBA4D~1\Office10\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 IE: Save YouTube Video as MP3 - c:\program files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm IE: Toevoegen aan Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2010-11-14 12:44 Windows 5.1.2600 Service Pack 3 NTFS scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: 0 ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(1620) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe c:\windows\system32\SearchIndexer.exe c:\program files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe c:\windows\system32\wscntfy.exe c:\windows\eHome\ehmsas.exe c:\documents and settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe . ************************************************************************** . Voltooingstijd: 2010-11-14 12:51:46 - machine werd herstart ComboFix-quarantined-files.txt 2010-11-14 11:51 ComboFix2.txt 2010-11-14 07:54 Pre-Run: 80.830.906.368 bytes beschikbaar Post-Run: 80.821.964.800 bytes beschikbaar Current=4 Default=4 Failed=1 LastKnownGood=2 Sets=1,2,4,14 - - End Of File - - 0DFFCA5A869FBBA73BF4FBFDE2C3FD85
  3. Dit is de scan van Combofix ComboFix 10-11-12.06 - Ruud Scheijen 14-11-2010 8:21.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.1014.515 [GMT 1:00] Gestart vanuit: c:\documents and settings\Ruud Scheijen\Mijn documenten\Downloads\ComboFix.exe AV: Kaspersky Internet Security *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0} FW: Kaspersky Internet Security *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0} . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\vlc-0.9.4-win32.exe c:\documents and settings\All Users\Application Data\vlc-0.9.6-win32.exe c:\documents and settings\Ruud Scheijen\Application Data\.# c:\documents and settings\Ruud Scheijen\System c:\documents and settings\Ruud Scheijen\System\win_qs8.jqx c:\program files\Search Settings c:\program files\Search Settings\kb128\SearchSettings.dll c:\program files\Search Settings\kb128\SearchSettingsRes409.dll c:\program files\Search Settings\SearchSettings.exe c:\windows\system32\_004899_.tmp.dll c:\windows\system32\_004900_.tmp.dll c:\windows\system32\_004901_.tmp.dll c:\windows\system32\_004902_.tmp.dll c:\windows\system32\_004909_.tmp.dll c:\windows\system32\_004910_.tmp.dll c:\windows\system32\_004911_.tmp.dll c:\windows\system32\_004912_.tmp.dll c:\windows\system32\_004914_.tmp.dll c:\windows\system32\_004915_.tmp.dll c:\windows\system32\_004918_.tmp.dll c:\windows\system32\_004919_.tmp.dll c:\windows\system32\_004921_.tmp.dll c:\windows\system32\_004922_.tmp.dll c:\windows\system32\_004923_.tmp.dll c:\windows\system32\_004925_.tmp.dll c:\windows\system32\_004928_.tmp.dll c:\windows\system32\_004929_.tmp.dll c:\windows\system32\_004933_.tmp.dll c:\windows\system32\_004934_.tmp.dll c:\windows\system32\_004936_.tmp.dll c:\windows\system32\_004939_.tmp.dll c:\windows\system32\_004941_.tmp.dll c:\windows\system32\_004942_.tmp.dll c:\windows\system32\_004943_.tmp.dll c:\windows\system32\_004944_.tmp.dll c:\windows\system32\_004945_.tmp.dll c:\windows\system32\_004948_.tmp.dll c:\windows\system32\_004949_.tmp.dll c:\windows\system32\_004950_.tmp.dll c:\windows\system32\_004951_.tmp.dll c:\windows\system32\_004952_.tmp.dll c:\windows\system32\_004957_.tmp.dll c:\windows\system32\_004959_.tmp.dll c:\windows\system32\_004985_.tmp.dll c:\windows\system32\_004986_.tmp.dll c:\windows\system32\_004987_.tmp.dll c:\windows\system32\_004988_.tmp.dll c:\windows\system32\_004991_.tmp.dll c:\windows\system32\_004992_.tmp.dll c:\windows\system32\_004993_.tmp.dll c:\windows\system32\_004994_.tmp.dll c:\windows\system32\_004995_.tmp.dll c:\windows\system32\_004996_.tmp.dll c:\windows\system32\_004997_.tmp.dll c:\windows\system32\_004998_.tmp.dll c:\windows\system32\_004999_.tmp.dll c:\windows\system32\_005000_.tmp.dll c:\windows\system32\_005001_.tmp.dll c:\windows\system32\_005002_.tmp.dll c:\windows\system32\_005003_.tmp.dll c:\windows\system32\_005004_.tmp.dll c:\windows\system32\_005005_.tmp.dll c:\windows\system32\_005006_.tmp.dll c:\windows\system32\_005007_.tmp.dll c:\windows\system32\_005008_.tmp.dll c:\windows\system32\_005009_.tmp.dll c:\windows\system32\_005010_.tmp.dll c:\windows\system32\_005011_.tmp.dll c:\windows\system32\_005012_.tmp.dll c:\windows\system32\_005013_.tmp.dll c:\windows\system32\_005014_.tmp.dll c:\windows\system32\_005015_.tmp.dll c:\windows\system32\_005016_.tmp.dll c:\windows\system32\_005017_.tmp.dll c:\windows\system32\_005018_.tmp.dll c:\windows\system32\_005019_.tmp.dll c:\windows\system32\_005020_.tmp.dll c:\windows\system32\_005021_.tmp.dll c:\windows\system32\_005022_.tmp.dll c:\windows\system32\_005023_.tmp.dll c:\windows\system32\_005024_.tmp.dll c:\windows\system32\_005025_.tmp.dll c:\windows\system32\_005026_.tmp.dll c:\windows\system32\_005027_.tmp.dll c:\windows\system32\_005028_.tmp.dll c:\windows\system32\_005029_.tmp.dll c:\windows\system32\_005030_.tmp.dll c:\windows\system32\_005031_.tmp.dll c:\windows\system32\_005032_.tmp.dll c:\windows\system32\_005033_.tmp.dll c:\windows\system32\_005034_.tmp.dll c:\windows\system32\_005035_.tmp.dll c:\windows\system32\_005036_.tmp.dll c:\windows\system32\_005037_.tmp.dll c:\windows\system32\_005038_.tmp.dll c:\windows\system32\_005039_.tmp.dll c:\windows\system32\_005040_.tmp.dll c:\windows\system32\_005041_.tmp.dll c:\windows\system32\_005042_.tmp.dll c:\windows\system32\_005043_.tmp.dll c:\windows\system32\_005044_.tmp.dll c:\windows\system32\_005045_.tmp.dll c:\windows\system32\_005046_.tmp.dll c:\windows\system32\_005047_.tmp.dll c:\windows\system32\_005048_.tmp.dll c:\windows\system32\_005049_.tmp.dll c:\windows\system32\_005050_.tmp.dll c:\windows\system32\_005051_.tmp.dll c:\windows\system32\_005052_.tmp.dll c:\windows\system32\_005053_.tmp.dll c:\windows\system32\_005054_.tmp.dll c:\windows\system32\_005055_.tmp.dll c:\windows\system32\_005056_.tmp.dll c:\windows\system32\_005057_.tmp.dll c:\windows\system32\_005058_.tmp.dll c:\windows\system32\_005059_.tmp.dll c:\windows\system32\_005060_.tmp.dll c:\windows\system32\_005061_.tmp.dll c:\windows\system32\_005062_.tmp.dll c:\windows\system32\_005063_.tmp.dll c:\windows\system32\_005064_.tmp.dll c:\windows\system32\_005065_.tmp.dll c:\windows\system32\_005066_.tmp.dll c:\windows\system32\_005067_.tmp.dll c:\windows\system32\_005068_.tmp.dll c:\windows\system32\_005069_.tmp.dll c:\windows\system32\_005070_.tmp.dll c:\windows\system32\_005071_.tmp.dll c:\windows\system32\_005072_.tmp.dll c:\windows\system32\_005073_.tmp.dll c:\windows\system32\_005074_.tmp.dll c:\windows\system32\_005075_.tmp.dll c:\windows\system32\_005076_.tmp.dll c:\windows\system32\_005077_.tmp.dll c:\windows\system32\_005078_.tmp.dll c:\windows\system32\_005079_.tmp.dll c:\windows\system32\_005080_.tmp.dll c:\windows\system32\_005081_.tmp.dll c:\windows\system32\_005082_.tmp.dll c:\windows\system32\_005083_.tmp.dll c:\windows\system32\_005084_.tmp.dll c:\windows\system32\_005085_.tmp.dll c:\windows\system32\_005086_.tmp.dll c:\windows\system32\_005087_.tmp.dll c:\windows\system32\_005088_.tmp.dll c:\windows\system32\_005089_.tmp.dll c:\windows\system32\_005090_.tmp.dll c:\windows\system32\_005091_.tmp.dll c:\windows\system32\_005092_.tmp.dll c:\windows\system32\_005093_.tmp.dll c:\windows\system32\_005094_.tmp.dll c:\windows\system32\_005095_.tmp.dll c:\windows\system32\_005096_.tmp.dll c:\windows\system32\_005097_.tmp.dll c:\windows\system32\_005098_.tmp.dll c:\windows\system32\_005099_.tmp.dll c:\windows\system32\_005100_.tmp.dll c:\windows\system32\_005101_.tmp.dll c:\windows\system32\_005102_.tmp.dll c:\windows\system32\_005103_.tmp.dll c:\windows\system32\_005104_.tmp.dll c:\windows\system32\_005105_.tmp.dll c:\windows\system32\_005106_.tmp.dll c:\windows\system32\_005107_.tmp.dll c:\windows\system32\_005108_.tmp.dll c:\windows\system32\_005109_.tmp.dll c:\windows\system32\_005110_.tmp.dll c:\windows\system32\_005111_.tmp.dll c:\windows\system32\_005112_.tmp.dll c:\windows\system32\_005113_.tmp.dll c:\windows\system32\_005114_.tmp.dll c:\windows\system32\_005115_.tmp.dll c:\windows\system32\_005116_.tmp.dll c:\windows\system32\_005117_.tmp.dll c:\windows\system32\_005118_.tmp.dll c:\windows\system32\_005119_.tmp.dll c:\windows\system32\_005120_.tmp.dll c:\windows\system32\_005121_.tmp.dll c:\windows\system32\_005122_.tmp.dll c:\windows\system32\_005123_.tmp.dll c:\windows\system32\_005124_.tmp.dll c:\windows\system32\_005125_.tmp.dll c:\windows\system32\_005126_.tmp.dll c:\windows\system32\_005127_.tmp.dll c:\windows\system32\_005128_.tmp.dll c:\windows\system32\_005129_.tmp.dll c:\windows\system32\_005130_.tmp.dll c:\windows\system32\_005131_.tmp.dll c:\windows\system32\_005132_.tmp.dll c:\windows\system32\_005133_.tmp.dll c:\windows\system32\_005134_.tmp.dll c:\windows\system32\_005135_.tmp.dll c:\windows\system32\_005136_.tmp.dll c:\windows\system32\_005137_.tmp.dll c:\windows\system32\_005138_.tmp.dll c:\windows\system32\_005139_.tmp.dll c:\windows\system32\_005140_.tmp.dll c:\windows\system32\_005141_.tmp.dll c:\windows\system32\_005142_.tmp.dll c:\windows\system32\_005143_.tmp.dll c:\windows\system32\_005144_.tmp.dll c:\windows\system32\_005145_.tmp.dll c:\windows\system32\_005146_.tmp.dll c:\windows\system32\_005147_.tmp.dll c:\windows\system32\_005148_.tmp.dll c:\windows\system32\_005149_.tmp.dll c:\windows\system32\_005150_.tmp.dll c:\windows\system32\_005152_.tmp.dll c:\windows\system32\_005153_.tmp.dll c:\windows\system32\_005154_.tmp.dll c:\windows\system32\_005155_.tmp.dll c:\windows\system32\_005156_.tmp.dll c:\windows\system32\_005157_.tmp.dll c:\windows\system32\_005158_.tmp.dll c:\windows\system32\_005160_.tmp.dll c:\windows\system32\_005161_.tmp.dll c:\windows\system32\_005162_.tmp.dll c:\windows\system32\_005163_.tmp.dll c:\windows\system32\_005164_.tmp.dll c:\windows\system32\_005165_.tmp.dll c:\windows\system32\_005166_.tmp.dll c:\windows\system32\_005167_.tmp.dll c:\windows\system32\_005168_.tmp.dll c:\windows\system32\_005169_.tmp.dll c:\windows\system32\_005170_.tmp.dll c:\windows\system32\_005171_.tmp.dll c:\windows\system32\_005172_.tmp.dll c:\windows\system32\_005173_.tmp.dll c:\windows\system32\_005174_.tmp.dll c:\windows\system32\_005175_.tmp.dll c:\windows\system32\_005177_.tmp.dll c:\windows\system32\_005178_.tmp.dll c:\windows\system32\_005179_.tmp.dll c:\windows\system32\_005180_.tmp.dll c:\windows\system32\_005182_.tmp.dll c:\windows\system32\_005184_.tmp.dll c:\windows\system32\_005185_.tmp.dll c:\windows\system32\_005186_.tmp.dll c:\windows\system32\_005187_.tmp.dll c:\windows\system32\_005188_.tmp.dll c:\windows\system32\_005189_.tmp.dll c:\windows\system32\_005190_.tmp.dll c:\windows\system32\_005192_.tmp.dll c:\windows\system32\_005193_.tmp.dll c:\windows\system32\_005194_.tmp.dll c:\windows\system32\_005195_.tmp.dll c:\windows\system32\_005196_.tmp.dll c:\windows\system32\_005197_.tmp.dll c:\windows\system32\_005198_.tmp.dll c:\windows\system32\_005199_.tmp.dll c:\windows\system32\_005200_.tmp.dll c:\windows\system32\_005201_.tmp.dll c:\windows\system32\_005202_.tmp.dll c:\windows\system32\_005203_.tmp.dll c:\windows\system32\_005204_.tmp.dll c:\windows\system32\_005205_.tmp.dll c:\windows\system32\_005206_.tmp.dll c:\windows\system32\_005207_.tmp.dll c:\windows\system32\_005209_.tmp.dll c:\windows\system32\_005210_.tmp.dll c:\windows\system32\_005211_.tmp.dll c:\windows\system32\_005212_.tmp.dll c:\windows\system32\_005214_.tmp.dll c:\windows\system32\_005216_.tmp.dll c:\windows\system32\_005217_.tmp.dll c:\windows\system32\_005218_.tmp.dll c:\windows\system32\_005219_.tmp.dll c:\windows\system32\_005220_.tmp.dll c:\windows\system32\_005221_.tmp.dll c:\windows\system32\_005222_.tmp.dll c:\windows\system32\_005224_.tmp.dll c:\windows\system32\_005225_.tmp.dll c:\windows\system32\_005226_.tmp.dll c:\windows\system32\_005227_.tmp.dll c:\windows\system32\_005228_.tmp.dll c:\windows\system32\_005229_.tmp.dll c:\windows\system32\_005230_.tmp.dll c:\windows\system32\_005231_.tmp.dll c:\windows\system32\_005233_.tmp.dll c:\windows\system32\_005234_.tmp.dll c:\windows\system32\_005237_.tmp.dll c:\windows\system32\_005238_.tmp.dll c:\windows\system32\_005242_.tmp.dll c:\windows\system32\_005243_.tmp.dll c:\windows\system32\_005245_.tmp.dll c:\windows\system32\_005248_.tmp.dll c:\windows\system32\_005250_.tmp.dll c:\windows\system32\_005251_.tmp.dll c:\windows\system32\_005252_.tmp.dll c:\windows\system32\_005253_.tmp.dll c:\windows\system32\_005256_.tmp.dll c:\windows\system32\_005257_.tmp.dll c:\windows\system32\_005258_.tmp.dll c:\windows\system32\_005259_.tmp.dll c:\windows\system32\_005260_.tmp.dll c:\windows\system32\_005265_.tmp.dll c:\windows\system32\_005267_.tmp.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_MYWEBSEARCHSERVICE (((((((((((((((((((( Bestanden Gemaakt van 2010-10-14 to 2010-11-14 )))))))))))))))))))))))))))))) . 2010-11-14 06:59 . 2010-11-14 07:10 -------- d-----w- c:\documents and settings\Ruud Scheijen\Application Data\Mijn The Lord of the Rings, The Rise of the Witch-king-bestanden 2010-11-13 23:06 . 2010-11-13 23:47 -------- d-----w- c:\program files\Electronic Arts 2010-11-07 11:08 . 2010-11-07 11:08 -------- d-----w- C:\Restoration 2010-11-04 14:13 . 2010-04-28 06:44 54760 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys 2010-11-04 14:11 . 2010-11-04 14:11 -------- d-----w- c:\program files\Microsoft Sync Framework 2010-11-04 14:07 . 2010-11-04 14:07 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2010-11-04 14:02 . 2010-11-04 14:02 -------- d-----w- c:\program files\Windows Live SkyDrive 2010-11-04 14:00 . 2010-11-04 14:13 -------- d-----w- c:\program files\Windows Live 2010-11-03 09:37 . 2010-11-03 09:37 3584 ----a-r- c:\documents and settings\Ruud Scheijen\Application Data\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe 2010-11-03 09:37 . 2010-11-03 09:37 -------- d-----w- c:\program files\Windows Installer Clean Up 2010-11-01 14:45 . 2010-11-01 14:46 -------- d-----w- c:\program files\Speccy 2010-10-27 21:24 . 2010-09-06 09:26 189520 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2010-10-25 12:11 . 2010-11-14 07:19 -------- d--h--r- c:\documents and settings\Ruud Scheijen\Onlangs geopend . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-11-10 09:19 . 2010-08-15 15:22 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-11-10 09:19 . 2010-08-15 15:22 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-10-19 20:51 . 2009-10-03 06:41 222080 ------w- c:\windows\system32\MpSigStub.exe 2010-09-18 10:23 . 2004-09-02 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll 2010-09-18 06:53 . 2004-09-02 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll 2010-09-18 06:53 . 2004-09-02 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll 2010-09-18 06:53 . 2004-09-02 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll 2010-09-10 05:52 . 2006-03-04 03:35 916480 ----a-w- c:\windows\system32\wininet.dll 2010-09-10 05:52 . 2004-09-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2010-09-10 05:52 . 2004-09-02 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2010-09-08 09:17 . 2010-09-08 09:17 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx 2010-09-08 09:17 . 2010-09-08 09:17 69632 ----a-w- c:\windows\system32\QuickTime.qts 2010-09-01 11:52 . 2004-09-02 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll 2010-09-01 07:57 . 2010-08-09 09:06 1852928 ----a-w- c:\windows\system32\win32k.sys 2010-08-27 08:03 . 2004-09-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll 2010-08-27 05:55 . 2010-08-09 09:06 99840 ----a-w- c:\windows\system32\srvsvc.dll 2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll 2010-08-26 13:39 . 2010-08-09 09:06 357248 ----a-w- c:\windows\system32\drivers\srv.sys 2010-08-23 16:13 . 2010-08-09 09:06 617472 ----a-w- c:\windows\system32\comctl32.dll 2010-08-17 13:17 . 2004-09-02 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe 2010-08-16 08:45 . 2004-09-02 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-13 323392] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "Google Update"="c:\documents and settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-03-18 136176] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2004-08-10 59392] "DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2008-10-24 79136] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-09-24 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208] "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-14 77824] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" [2010-08-18 340520] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584] "TMRUBottedTray"="c:\program files\Trend Micro\RUBotted\TMRUBottedTray.exe" [2008-11-06 288088] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-09-08 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-09-24 421160] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-03 435096] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-09-02 44544] c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office 2002 XP\Office10\OSA.EXE [2001-2-13 83360] Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" [HKLM\~\startupfolder\C:^Documents and Settings^Ruud Scheijen^Menu Start^Programma's^Opstarten^OpenOffice.org 3.2 .lnk] path=c:\documents and settings\Ruud Scheijen\Menu Start\Programma's\Opstarten\OpenOffice.org 3.2 .lnk backup=c:\windows\pss\OpenOffice.org 3.2 .lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2010-09-24 00:10 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-09-08 09:17 421888 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "MSK80Service"=2 (0x2) "mfevtp"=2 (0x2) "mfefire"=2 (0x2) "McShield"=2 (0x2) "McProxy"=2 (0x2) "McODS"=3 (0x3) "McNASvc"=2 (0x2) "McNaiAnn"=2 (0x2) "mcmscsvc"=2 (0x2) "McAfee SiteAdvisor Service"=2 (0x2) "McrdSvc"=2 (0x2) "McMPFSvc"=2 (0x2) "iPod Service"=3 (0x3) "gupdate"=2 (0x2) "ehSched"=2 (0x2) "ehRecvr"=2 (0x2) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\DNA\\btdna.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Electronic Arts\\The Rise of the Witch-king\\game.dat"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [14-10-2009 19:18 36880] R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15-7-2008 19:03 691696] R2 RUBotted;Trend Micro RUBotted Service;c:\program files\Trend Micro\RUBotted\TMRUBotted.exe [3-9-2010 12:02 582992] R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2-10-2009 17:39 19472] R3 TMPassthruMP;TMPassthruMP;c:\windows\system32\drivers\TMPassthru.sys [3-9-2010 12:02 206608] S0 kyqugm;kyqugm;c:\windows\system32\drivers\fjuacmv.sys --> c:\windows\system32\drivers\fjuacmv.sys [?] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?] S1 727fe9c8;727fe9c8;c:\windows\system32\drivers\727fe9c8.sys --> c:\windows\system32\drivers\727fe9c8.sys [?] S1 ajhwxxwm;ajhwxxwm;\??\c:\windows\system32\drivers\ajhwxxwm.sys --> c:\windows\system32\drivers\ajhwxxwm.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18-3-2010 12:16 130384] S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?] S3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [14-9-2009 12:42 32272] S3 TMPassthru;Trend Micro Passthru Ndis Service;c:\windows\system32\drivers\TMPassthru.sys [3-9-2010 12:02 206608] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2-9-2004 13:00 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18-3-2010 12:16 753504] S4 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [29-12-2009 21:29 133104] S4 McMPFSvc;McAfee Personal Firewall;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc --> c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [?] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WINRM REG_MULTI_SZ WINRM . Inhoud van de 'Gedeelde Taken' map 2010-10-08 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] 2010-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 20:29] 2010-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-29 20:29] 2010-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3556961487-2084710088-1128744442-1005Core.job - c:\documents and settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-09 06:43] 2010-11-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3556961487-2084710088-1128744442-1005UA.job - c:\documents and settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-09-09 06:43] 2010-11-14 c:\windows\Tasks\User_Feed_Synchronization-{6B52D93B-5281-4442-82A5-3A53269E1FBF}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 03:31] . . ------- Bijkomende Scan ------- . uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Connection Wizard,ShellNext = iexplore uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MIBA4D~1\Office10\EXCEL.EXE/3000 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 IE: Save YouTube Video as MP3 - c:\program files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm IE: Toevoegen aan Anti-Banner - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm . - - - - ORPHANS VERWIJDERD - - - - MSConfigStartUp-mcui_exe - c:\program files\McAfee.com\Agent\mcagent.exe MSConfigStartUp-MSKDetectorExe - c:\program files\McAfee\SpamKiller\MSKDetct.exe AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe ************************************************************************** scannen van verborgen processen ... scannen van verborgen autostart items ... scannen van verborgen bestanden ... Scan succesvol afgerond verborgen bestanden: ************************************************************************** . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'explorer.exe'(1400) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\program files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe c:\program files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe c:\windows\system32\SearchIndexer.exe c:\windows\system32\dllhost.exe c:\windows\eHome\ehmsas.exe c:\program files\iPod\bin\iPodService.exe c:\documents and settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe . ************************************************************************** . Voltooingstijd: 2010-11-14 08:54:46 - machine werd herstart ComboFix-quarantined-files.txt 2010-11-14 07:54 Pre-Run: 74.639.200.256 bytes beschikbaar Post-Run: 80.836.403.200 bytes beschikbaar WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect Current=4 Default=4 Failed=1 LastKnownGood=2 Sets=1,2,4,14 - - End Of File - - E51CB5CCB2FF0F6FA1CC33645177FB2F Ik zal zo even kijken voor de programma's die starten bij t opstarten! ---------- Post toegevoegd om 11:25 ---------- Vorige post was om 11:17 ---------- Bij de programma's die opstarten heb ik er 2 uitgeschakeld, dus daar zal het niet aan liggen. Over bovenstaande log kan ik weinig zelf mee, want ik zie niet zo snel of er iets schadelijks tussen zit/zat.
  4. Heel erg bedankt voor jullie reacties.. Ik kan ze echter pas zaterdagavond / zondagmorgen uitvoeren, omdat ik sinds gister deze week niet meer thuis ben. Ik zal waarschijnlijk zondag een berichtje sturen hoe het gegaan is! Nogmaals bedankt
  5. Een heel klein beetje, maar meer eigenlijk ook niet. Het is nog steeds niet zoals t geweest was, maar na verloop van tijd gebeurt dat helaas met je computer... Maar soms blijft hij wel vasthangen, dat het programma gewoon even niet reageert.
  6. Excuses voor mijn late reactie. Bij deze het logje van Malwarebytes Malwarebytes' Anti-Malware 1.46 Malwarebytes Databaseversie: 5029 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 3-11-2010 14:35:42 mbam-log-2010-11-03 (14-35-42).txt Scantype: Volledige scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|K:\|) Objecten gescand: 259515 Verstreken tijd: 4 uur/uren, 57 minuut/minuten, 17 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Er is dus niets gevonden.. Het logje van Hijackthis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:40:43, on 7-11-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DNA\btdna.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Recuva\Recuva.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Documents and Settings\Ruud Scheijen\Mijn documenten\Downloads\HijackThis.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [iSUSPM Startup] "c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [TMRUBottedTray] "C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office 2002 XP\Office10\OSA.EXE O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIBA4D~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: &Virtueel toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: URL Adviseur - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Trend Micro RUBotted Service (RUBotted) - Trend Micro Inc. - C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe -- End of file - 11258 bytes Hopen dat het wat oplevert.
  7. Bij deze, mijn log scan via hijackthis Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:31:28, on 2-11-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WMP54Gv4.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Dell\Media Experience\DMXLauncher.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Search Settings\SearchSettings.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DNA\btdna.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Windows Desktop Search\WindowsSearch.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\iPod\bin\iPodService.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\msiexec.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\SearchProtocolHost.exe C:\Documents and Settings\Ruud Scheijen\Mijn documenten\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - (no file) O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ievkbd.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - (no file) O2 - BHO: (no name) - {BC71C30A-6647-45CC-B71C-921F08633171} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb128\SearchSettings.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [searchSettings] C:\Program Files\Search Settings\SearchSettings.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [TMRUBottedTray] "C:\Program Files\Trend Micro\RUBotted\TMRUBottedTray.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe" O4 - HKCU\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ruud Scheijen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-19\..\RunOnce: [] (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-20\..\RunOnce: [] (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [] (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [] (User 'Default user') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office 2002 XP\Office10\OSA.EXE O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIBA4D~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Save YouTube Video as MP3 - res://C:\Program Files\Common Files\DVDVideoSoft\Dll\IEContextMenuY.dll/scriptY2MP3.htm O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\ie_banner_deny.htm O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: &Virtueel toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL O9 - Extra button: URL Adviseur - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file) O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll O20 - Winlogon Notify: iifcYQhF - iifcYQhF.dll (file missing) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Trend Micro RUBotted Service (RUBotted) - Trend Micro Inc. - C:\Program Files\Trend Micro\RUBotted\TMRUBotted.exe O23 - Service: WMP54Gv4SVC - GEMTEKS - C:\Program Files\Linksys Wireless-G PCI Wireless Network Monitor\WLService.exe -- End of file - 12075 bytes
  8. Het zal ietjes langer duren ben ik bang. Vanmorgen startte ik mijn pc op, en internet deed het niet. Ook niet op de laptop en een andere pc in huis. Er is iets met de router aan de hand, dus hopelijk kan ik vanavond een scannetje trekken
  9. Ik zal MSE deinstalleren, en t nog een dagje aankijken, ik moet namelijk zo ook eten en gaan werken. Alvast bedankt voor de hulp! Ruud
  10. Als ik hem verwijder, moet ik hem dan ook weer activeren? We hebben hier thuis 3 computers, waarop alle 3 Kapersky staat. We hebben een abonnement erop voor alle 3 de computers, heb ik dan een eigen inlogcode nodig of degene die mee is gekomen bij de aanschaf van t product? over t algemeen zit avp rond een percentage van 6-8 %
  11. Ik hoop dat de afbeelding duidelijk is? Dan zal ik Microsoft Security essentials wel de installeren. bij de processen daar gaat Kapersky wel op t CPU van 6 % opeens naar 90, zonder aanleiding..
  12. Bij deze de link: http://speccy.piriform.com/results/VaiikNq5FseGJ6ierqaMoCr Mister T, is het ook nodig om de processen hier te plaatsen? zo ja dan kan ik ze wel even posten. Je kan me ook aan spreken met je
  13. Goededag, Ik heb mijn computer sinds 2004 en hij werkt op Windows XP. Door de jaren heen heb ik verschillende problemen gehad, maar deze zijn opgelost geworden. Echter nu begint de computer steeds vaker vast te hangen op sommige momenten. Veelal bij silverlight plug - in en een plug-in die Google Chroome gebruikt. Soms blijft ie gewoon paar seconden hangen voordat ik weer verder kan gaan. En op bijvoorbeeld youtube, of als ik een video afspeel in BS Player, dan blijft hij soms haperen, en doet hij paar seconden gewoon niets, terwijl t geluid wel door gaat. Daarnaast is het updaten van Kapersky een heel irritant iets. Hij update zeker 6 maal per dag, en dan kan ik gewoon nog minder doen.. Ook starten sommige programma's heel langzaam, of openen zich pas na 1 à 2 minuten. Windows Update die zoekt soms een half uur tot een uur naar updates, terwijl dit op een andere pc in het huis binnen 3 minuten gevonden is. Ook worden 2 updates die hier gevonden worden altijd gezegt dat ze niet geinstalleerd kunnen worden. Op zich geen probleem, want het is een update van windows media center, en iets van talen voor microsoft office. Echter ik heb Trend Micro Ru Botted op mijn pc staan, en die meldt dat er malicious software werd geinstaleerd, maar ik heb 4 scanners, 2/3x volledig mijn pc laten controleren, maar er is niets gevonden. Scanners: Microsoft security essentials kapersky internet securuty malwarebytes anti malware en house call security gratis versie. Aan ruimtegebrek kan het niet liggen want ik heb 90 - 100 gb vrij van de 140 gb. Ik wou Hijackthis proberen, maar hier heb ik geen verstand van. Weet iemand misschien een oplossing op dit probleem? MVG Ruud
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.